It demands payment in three days or the price is doubled, and if none is received in seven days, the files will be deleted, according to the screen message.

A hacking group called Shadow Brokers released the malware in April claiming to have discovered the flaw from the NSA, Kaspersky said.

Although Microsoft released a security patch for the flaw earlier this year, many systems have yet to be updated, researchers said.

“Unlike most other attacks, this malware is spreading primarily by direct infection from machine to machine on local networks, rather than purely by email,” Lance Cottrell, chief scientist at the US technology group Ntrepid.

“The ransomware can spread without anyone opening an email or clicking on a link.”

The sort of ransom demands have been growing precedent at medical facilities. In February 2016, a Los Angeles hospital, the Hollywood Presbyterian Medical Center, paid $17,000 in Bitcoin to hackers who took control of its computers for more than a week.

“Ransomware becomes particularly nasty when it infects institutions like hospitals, where it can put people’s lives in danger,” said Kroustek, the Avast analyst.

A spokesman for Barts Health NHS Trust in London said it was experiencing “major IT disruption” and delays at all four of its hospitals.

“We have activated our major incident plan to make sure we can maintain the safety and welfare of patients,” the spokesman said. “Ambulances are being diverted to neighboring hospitals.”

Two employees at St Bartholomew’s Hospital, which is part of Barts Health, told AFP that all the computers in the hospital had been turned off.

Caroline Brennan, 41, went to the hospital to see her brother, who had open heart surgery.

“They told us there was a problem. They said the system was down and that they cannot transfer anyone till the computer system was back up,” Brennan said.

Some said the attacks highlighted the need for agencies like the NSA to disclose security flaws so they can be patched.

“These attacks underscore the fact that vulnerabilities will be exploited not just by our security agencies, but by hackers and criminals around the world,” said Patrick Toomey of the American Civil Liberties Union.